// src/middleware/roleMiddleware.js
module.exports = (requiredRole) => (req, res, next) => {
  const { role } = req.user;
  if (role === requiredRole) {
    next();
  } else {
    res.status(403).json({ message: 'Access denied' });
  }
};
